Skip to content

v0.21.0

Latest

Choose a tag to compare

@solomonneas solomonneas released this 08 Jul 22:16

Added

  • Verified binary pins for runbooks: a runbook can pin each step's binary by sha256, runbook plan shows pin status without executing, runbook run refuses on mismatch unless --allow-pin-mismatch is passed and records the check (and any override) in the receipt, and brigade runbook pin <runbook.json> writes pins from the current binaries. Unpinned runbooks behave exactly as before. (#156)
  • Tamper-evident receipts: verify, runbook, and outcome artifacts carry a sha256 digests block binding the receipt payload and every referenced log file; memory/outcome/records.jsonl is hash-chained with prev_digest/digest so an edited or deleted middle record breaks visibly; brigade receipts verify walks everything and reports OK, MISMATCH, MISSING, or legacy, wired into brigade doctor and outcome doctor. Pre-existing artifacts report as legacy, not failures. (#157)
  • Optional receipt signing: brigade receipts keygen writes a local 0600 key, receipts then carry an HMAC-SHA256 signature and key_id over the receipt digest, and receipts verify reports SIGNED-OK, flips SIGNATURE-MISMATCH nonzero, or marks foreign-key signatures unverifiable. Without a key, receipts are byte-identical to before. (#164)
  • Code-graph delta receipts: verify runs and brigade run snapshot the target's GraphTrail database (WAL-safe), re-sync and diff after, and attach a compact code_graph_delta summary to the receipt with the full diff as a digest-covered graph-delta.json sidecar. Snapshots are deleted after the diff with their sha256s kept as attestations. Fail-open everywhere; read-only, dry-run, and --no-code-graph runs skip capture. (#158)
  • MiseLedger receipt export: brigade receipts export miseledger emits one miseledger.adapter.v1 JSONL line per verify-run and run receipt, with raw.hash reusing the receipt digest so re-imports dedupe on content identity. --new-only adds a cursor so reruns export only new receipts, and --import pipes the export straight through miseledger import adapter, fail-open when the binary is absent and skipping the import subprocess entirely when nothing new was exported. (#159, #162, #165)
  • Git provenance on receipts: verify receipts and run payloads capture head, branch, and dirty_files inside the digest-covered content, and the MiseLedger export emits the GitHub commit URL as a link. (#162)
  • Delta-aware outcome ledger: outcome capture copies the receipt's compact code-graph delta onto the hash-chained record, outcome capture --run-receipt <run-id|latest> captures from run receipts (where code actually changes) with status mapped to signal, and outcome rank/reconcile report graph: N changing / M no-op per subject. Promotion decision rules are unchanged. (#163, #169)
  • Context evals on run receipts: when a run had a code-graph brief and its delta captured cleanly, context_eval records whether the pre-run context named the files the run actually touched (hits, missed, brief_hit_rate). Absent when there is no brief, no clean delta, or nothing changed. (#167)
  • Evidence briefs close the receipts-to-context loop: brigade run can attach a capped, fail-open brief of recent verified evidence for the target repo pulled from MiseLedger, always framed as untrusted evidence rather than instructions, gated by --no-evidence, and recorded in run.json. brigade work import context --from-miseledger '<query>' runs the same fetch on demand. (#171)
  • Workflow sequence scanner: mines run artifacts for recurring command sequences and proposes runbooks (with empty pin stubs) from what operators actually repeat. (#155)
  • Detached run control: brigade run --detach, live watch, and steer/interrupt verbs for app-server runs. (#154)
  • Vendored content-guard under brigade.guard, added python -m brigade.guard and brigade guard ..., and packaged the guard policies so scrub works without a separate checkout. (#166)

Changed

  • brigade scrub now defaults to the embedded brigade.guard scanner and policy set. Setting CONTENT_GUARD_DIR still preserves the old external checkout behavior, including python -m content_guard with that checkout's src on PYTHONPATH. (#166)

Fixed

  • Run receipts are written atomically, closing a race where a concurrent reader could catch a partially written run.json. (#161)
  • Friction imports use shared import identity keys, so re-imports no longer duplicate items. (#153)
  • The technical guide no longer overstates runbook approval semantics. (#152)